Is It Worth Securing Your Entire Site?

As an afterthought to my recent post about improving search results with minimal effort, I thought I’d add a few thoughts about another low-effort way to use Google’s algorithm to your advantage: encrypting an entire website instead of just shopping carts, logins, and other traditionally “secure” areas that transfer sensitive data.

In 2014 the Goog started giving a small page rank bump to sites that are entirely encrypted via SSL. This means the entire website is “secure” and is accessed via a URL that begins with https:// instead of the more familiar http:// string. This move was, at least on its face, one of Google’s nudges toward “making the web a better place” by encouraging site owners to encrypt all of their web traffic—thereby discouraging hacking, identity theft, and other widespread nuisances.

If you search for something along the lines of “search results improvement from encrypting entire site” you’ll find a zillion articles with varying takes on whether it’s a good move or not, and for which types of sites. My takeaway is that the SEO benefit is likely a wash for most small sites: the very modest boost you get from securing the site may well be offset by the small penalty for increased loading times usually seen in encrypted sites. That said, there may be other benefits beyond SEO that make it worth doing:

it costs very little to secure a site, and although it may only help a little, it almost certainly won’t hurt

it will likely harden your site somewhat against various bad actors with agendas that aren’t always obvious or rational

it may give your visitors a sense of greater security, i.e. show that you’re mindful of the little details that you can do to make a site better and safer for them

This last point may be the most important, especially if you’re in health care, financial services, or any other application that touches on privacy concerns. If you collect user data (online sales or donations, subscriptions to mailing lists or newsletters, etc.), this is useful because people often reuse passwords from site to site, so even if yours doesn’t contain sensitive data, it may allow entry to others that do. If this kind of visitor confidence is useful for you, that alone might make it worth doing.

A number of other articles also note that Google may continue to raise the importance of the SSL factor, and it may become more of a benefit in the future. I’ll update this post if it becomes clear that the SEO benefit is on the rise.